CVE-2023-31438

Name of the Vulnerable Software and Affected Versions systemd version 253

Description An issue was discovered where an attacker can truncate a sealed log file and then resume log sealing, allowing modifications to go undetected despite integrity checks showing no error.

Recommendations For systemd version 253, consider disabling the log sealing feature as a temporary workaround until a patch is available. Restrict access to sealed log files to minimize the risk of exploitation. Avoid using the log sealing feature in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.